Approved changes feed: RSS · Atom

cpe:2.3:a:bosch_rexroth_ag:ctrlx_os_-_solutions:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorBosch Rexroth Ag (1dedc962-7ef7-51a0-a857-e2a074563874)
ProductCtrlx Os Solutions (530b2861-d17d-5abd-a878-c06239f409e5)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-24344 vulnerable 2026-06-08 07:12:48.502682 Details available
MEDIUM (6.3)
A vulnerability in the error notification messages of the web application of ctrlX OS allows a remote unauthenticated attacker to inject arbitrary HTML tags and, possibly, execute arbitrary client-side code in the context of another user's browser via a crafted HTTP request.
Published: 2025-04-30T11:33:44.949Z
Updated: 2025-04-30T14:52:12.142Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-24343 vulnerable 2026-06-08 07:12:48.502295 Details available
MEDIUM (5.4)
A vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to write arbitrary files in arbitrary file system paths via a crafted HTTP request.
Published: 2025-04-30T11:26:51.681Z
Updated: 2025-04-30T15:07:05.596Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-24338 vulnerable 2026-06-08 07:12:48.500289 Details available
HIGH (7.1)
A vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attacker to execute arbitrary client-side code in the context of another user's browser via multiple crafted HTTP requests.
Published: 2025-04-30T10:51:00.663Z
Updated: 2026-02-26T18:27:54.213Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.